Back to case studies

Strengthening Security of the Cloud, in the Cloud

Modus Create worked with a movie theater chain to enable AWS SSO integration and set the stage for a wider DevSecOps culture.

Featured image for: Strengthening Security of the Cloud, in the Cloud

Subscribe via Email

Subscribe to our blog to get insights sent directly to your inbox.

Phase 1: Cloud Security

1. Process review

The assessment began with a series of interviews with key stakeholders. By obtaining a deeper understanding of roles, responsibilities, and pain points, the team identified high-impact opportunities.

2. Documentation and tooling

The client had limited documentation and the team discovered a massive opportunity to assimilate tools to automate the DevOps pipeline.

3. Functional resilience

Next, it was time to assess the client’s capability of detection and remediation in case of a cyber attack. The team also reviewed CI/CD pipeline usage, security, cloud infrastructure, and deployment repeatability among several other aspects of the client architecture.

4. Due diligence

Finally, our security experts investigated systems, processes, and technologies related to cloud infrastructure, DevOps practices, networking, and IAM. At the end of this phase, the client received a detailed report of findings and recommendations based on the threat/vulnerability severity and exposure ratings.

Phase 2: AWS SSO Integration

AWS SSO (now known as AWS IAM Identity Center) is a way to manage multiple AWS accounts and applications at the same time. It also supports multi-factor authentication (MFA), adding an extra layer of security to accounts. This saves time and reduces the risk of unauthorized access.

Source: aws.amazon.com

Our team suggested the steps to enable SSO and utilize its benefits. Furthermore, based on Phase I findings, we developed a strategic plan for securing the cloud environment and improving its development and deployment processes. This plan prioritized key tasks according to their place in the threat/vulnerability exposure matrix. Finally, we proposed a realistic timeline to address the vulnerabilities along with staffing recommendations.

Impact

The assessment covered three different AWS cloud environments, three key personnel, one repository, and one CI/CD pipeline. It helped the client address critical risks to its AWS infrastructure and modernize the DevOps pipeline.

Vital Stats

  • 3 Cloud environments secured
  • 2 Weeks Security assessment duration

As an official AWS Select Tier Services and CloudFormation Delivery partner, Modus Create has led cloud transformation at several Global 2000 enterprises. Learn about our AWS partnership.

Related Customer Stories

Discover more customer stories.

Featured image for: Bright MLS – Creating a UX Obsessed Culture
Case Study

Bright MLS – Creating a UX Obsessed Culture

Learn More
Featured image for: EDR – How Automation Saved Days’ Worth of Work
Case Study

EDR – How Automation Saved Days’ Worth of Work

Learn More
Featured image for: Research-Led App Development for a Leading EdTech Company
Case Study

Research-Led App Development for a Leading EdTech Company

Learn More